ltcai 4.2.0 → 4.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (38) hide show
  1. package/README.md +26 -21
  2. package/docs/CHANGELOG.md +42 -0
  3. package/docs/V4_3_PORTABILITY_ARCHITECTURE.md +69 -0
  4. package/docs/V4_3_PRIVACY_AUDIT.md +60 -0
  5. package/docs/V4_3_PRODUCT_HARDENING_REPORT.md +53 -0
  6. package/docs/V4_3_VALIDATION_REPORT.md +58 -0
  7. package/docs/V4_DIGITAL_BRAIN_RECOVERY.md +25 -25
  8. package/frontend/openapi.json +203 -1
  9. package/frontend/src/api/client.ts +7 -0
  10. package/frontend/src/api/openapi.ts +258 -0
  11. package/frontend/src/pages/System.tsx +58 -0
  12. package/lattice_brain/__init__.py +1 -1
  13. package/lattice_brain/archive.py +360 -47
  14. package/latticeai/__init__.py +1 -1
  15. package/latticeai/api/admin.py +11 -0
  16. package/latticeai/api/portability.py +59 -2
  17. package/latticeai/app_factory.py +9 -0
  18. package/latticeai/core/config.py +1 -1
  19. package/latticeai/core/marketplace.py +1 -1
  20. package/latticeai/core/multi_agent.py +1 -1
  21. package/latticeai/core/product_hardening.py +217 -0
  22. package/latticeai/core/workspace_os.py +1 -1
  23. package/latticeai/services/kg_portability.py +147 -4
  24. package/ltcai_cli.py +2 -1
  25. package/package.json +3 -3
  26. package/scripts/clean_release_artifacts.mjs +27 -0
  27. package/scripts/lint_frontend.mjs +5 -0
  28. package/scripts/validate_release_artifacts.py +10 -0
  29. package/src-tauri/Cargo.lock +1 -1
  30. package/src-tauri/Cargo.toml +1 -1
  31. package/src-tauri/src/main.rs +113 -13
  32. package/src-tauri/tauri.conf.json +1 -1
  33. package/static/app/asset-manifest.json +5 -5
  34. package/static/app/assets/{index-C_HAkbAg.js → index-RiJTJliG.js} +3 -3
  35. package/static/app/assets/index-RiJTJliG.js.map +1 -0
  36. package/static/app/assets/{index-CDjiH_se.css → index-yZswHE3d.css} +1 -1
  37. package/static/app/index.html +2 -2
  38. package/static/app/assets/index-C_HAkbAg.js.map +0 -1
package/frontend/openapi.json CHANGED
@@ -731,8 +731,42 @@
731
731
  "title": "EncryptedArchiveRequest",
732
732
  "type": "object"
733
733
  },
734
+ "EncryptedInspectRequest": {
735
+ "properties": {
736
+ "passphrase": {
737
+ "anyOf": [
738
+ {
739
+ "type": "string"
740
+ },
741
+ {
742
+ "type": "null"
743
+ }
744
+ ],
745
+ "title": "Passphrase"
746
+ },
747
+ "path": {
748
+ "title": "Path",
749
+ "type": "string"
750
+ }
751
+ },
752
+ "required": [
753
+ "path"
754
+ ],
755
+ "title": "EncryptedInspectRequest",
756
+ "type": "object"
757
+ },
734
758
  "EncryptedRestoreRequest": {
735
759
  "properties": {
760
+ "confirm": {
761
+ "default": false,
762
+ "title": "Confirm",
763
+ "type": "boolean"
764
+ },
765
+ "dry_run": {
766
+ "default": false,
767
+ "title": "Dry Run",
768
+ "type": "boolean"
769
+ },
736
770
  "passphrase": {
737
771
  "title": "Passphrase",
738
772
  "type": "string"
@@ -749,6 +783,24 @@
749
783
  "title": "EncryptedRestoreRequest",
750
784
  "type": "object"
751
785
  },
786
+ "EncryptedVerifyRequest": {
787
+ "properties": {
788
+ "passphrase": {
789
+ "title": "Passphrase",
790
+ "type": "string"
791
+ },
792
+ "path": {
793
+ "title": "Path",
794
+ "type": "string"
795
+ }
796
+ },
797
+ "required": [
798
+ "path",
799
+ "passphrase"
800
+ ],
801
+ "title": "EncryptedVerifyRequest",
802
+ "type": "object"
803
+ },
752
804
  "ExportRequest": {
753
805
  "properties": {
754
806
  "filters": {
@@ -1946,6 +1998,16 @@
1946
1998
  },
1947
1999
  "RestoreRequest": {
1948
2000
  "properties": {
2001
+ "confirm": {
2002
+ "default": false,
2003
+ "title": "Confirm",
2004
+ "type": "boolean"
2005
+ },
2006
+ "dry_run": {
2007
+ "default": false,
2008
+ "title": "Dry Run",
2009
+ "type": "boolean"
2010
+ },
1949
2011
  "path": {
1950
2012
  "title": "Path",
1951
2013
  "type": "string"
@@ -3481,7 +3543,7 @@
3481
3543
  },
3482
3544
  "info": {
3483
3545
  "title": "Lattice AI Server (local)",
3484
- "version": "4.2.0"
3546
+ "version": "4.3.0"
3485
3547
  },
3486
3548
  "openapi": "3.1.0",
3487
3549
  "paths": {
@@ -3763,6 +3825,22 @@
3763
3825
  "summary": "Admin Policies"
3764
3826
  }
3765
3827
  },
3828
+ "/admin/product-hardening": {
3829
+ "get": {
3830
+ "operationId": "admin_product_hardening_admin_product_hardening_get",
3831
+ "responses": {
3832
+ "200": {
3833
+ "content": {
3834
+ "application/json": {
3835
+ "schema": {}
3836
+ }
3837
+ },
3838
+ "description": "Successful Response"
3839
+ }
3840
+ },
3841
+ "summary": "Admin Product Hardening"
3842
+ }
3843
+ },
3766
3844
  "/admin/roles": {
3767
3845
  "get": {
3768
3846
  "operationId": "admin_roles_admin_roles_get",
@@ -6156,6 +6234,78 @@
6156
6234
  "summary": "Encrypted Archive"
6157
6235
  }
6158
6236
  },
6237
+ "/api/knowledge-graph/archive/import": {
6238
+ "post": {
6239
+ "operationId": "import_encrypted_archive_api_knowledge_graph_archive_import_post",
6240
+ "requestBody": {
6241
+ "content": {
6242
+ "application/json": {
6243
+ "schema": {
6244
+ "$ref": "#/components/schemas/EncryptedRestoreRequest"
6245
+ }
6246
+ }
6247
+ },
6248
+ "required": true
6249
+ },
6250
+ "responses": {
6251
+ "200": {
6252
+ "content": {
6253
+ "application/json": {
6254
+ "schema": {}
6255
+ }
6256
+ },
6257
+ "description": "Successful Response"
6258
+ },
6259
+ "422": {
6260
+ "content": {
6261
+ "application/json": {
6262
+ "schema": {
6263
+ "$ref": "#/components/schemas/HTTPValidationError"
6264
+ }
6265
+ }
6266
+ },
6267
+ "description": "Validation Error"
6268
+ }
6269
+ },
6270
+ "summary": "Import Encrypted Archive"
6271
+ }
6272
+ },
6273
+ "/api/knowledge-graph/archive/inspect": {
6274
+ "post": {
6275
+ "operationId": "inspect_encrypted_archive_api_knowledge_graph_archive_inspect_post",
6276
+ "requestBody": {
6277
+ "content": {
6278
+ "application/json": {
6279
+ "schema": {
6280
+ "$ref": "#/components/schemas/EncryptedInspectRequest"
6281
+ }
6282
+ }
6283
+ },
6284
+ "required": true
6285
+ },
6286
+ "responses": {
6287
+ "200": {
6288
+ "content": {
6289
+ "application/json": {
6290
+ "schema": {}
6291
+ }
6292
+ },
6293
+ "description": "Successful Response"
6294
+ },
6295
+ "422": {
6296
+ "content": {
6297
+ "application/json": {
6298
+ "schema": {
6299
+ "$ref": "#/components/schemas/HTTPValidationError"
6300
+ }
6301
+ }
6302
+ },
6303
+ "description": "Validation Error"
6304
+ }
6305
+ },
6306
+ "summary": "Inspect Encrypted Archive"
6307
+ }
6308
+ },
6159
6309
  "/api/knowledge-graph/archive/restore": {
6160
6310
  "post": {
6161
6311
  "operationId": "restore_encrypted_archive_api_knowledge_graph_archive_restore_post",
@@ -6192,6 +6342,42 @@
6192
6342
  "summary": "Restore Encrypted Archive"
6193
6343
  }
6194
6344
  },
6345
+ "/api/knowledge-graph/archive/verify": {
6346
+ "post": {
6347
+ "operationId": "verify_encrypted_archive_api_knowledge_graph_archive_verify_post",
6348
+ "requestBody": {
6349
+ "content": {
6350
+ "application/json": {
6351
+ "schema": {
6352
+ "$ref": "#/components/schemas/EncryptedVerifyRequest"
6353
+ }
6354
+ }
6355
+ },
6356
+ "required": true
6357
+ },
6358
+ "responses": {
6359
+ "200": {
6360
+ "content": {
6361
+ "application/json": {
6362
+ "schema": {}
6363
+ }
6364
+ },
6365
+ "description": "Successful Response"
6366
+ },
6367
+ "422": {
6368
+ "content": {
6369
+ "application/json": {
6370
+ "schema": {
6371
+ "$ref": "#/components/schemas/HTTPValidationError"
6372
+ }
6373
+ }
6374
+ },
6375
+ "description": "Validation Error"
6376
+ }
6377
+ },
6378
+ "summary": "Verify Encrypted Archive"
6379
+ }
6380
+ },
6195
6381
  "/api/knowledge-graph/backup": {
6196
6382
  "post": {
6197
6383
  "operationId": "backup_graph_api_knowledge_graph_backup_post",
@@ -6228,6 +6414,22 @@
6228
6414
  "summary": "Backup Graph"
6229
6415
  }
6230
6416
  },
6417
+ "/api/knowledge-graph/backup-health": {
6418
+ "get": {
6419
+ "operationId": "backup_health_api_knowledge_graph_backup_health_get",
6420
+ "responses": {
6421
+ "200": {
6422
+ "content": {
6423
+ "application/json": {
6424
+ "schema": {}
6425
+ }
6426
+ },
6427
+ "description": "Successful Response"
6428
+ }
6429
+ },
6430
+ "summary": "Backup Health"
6431
+ }
6432
+ },
6231
6433
  "/api/knowledge-graph/export": {
6232
6434
  "post": {
6233
6435
  "description": "Logical JSON export of the whole graph (read-only).",
package/frontend/src/api/client.ts CHANGED
@@ -211,6 +211,7 @@ export const latticeApi = {
211
211
  graphStats: () => get("/knowledge-graph/stats", { nodes: {}, edges: {}, total_nodes: 0, total_edges: 0 }),
212
212
  graphPortability: () => get("/api/knowledge-graph/portability", {}),
213
213
  brainStorage: () => get("/api/brain/storage", {}),
214
+ backupHealth: () => get("/api/knowledge-graph/backup-health", {}),
214
215
  dockerPostgres: (body: { consent: boolean; dry_run?: boolean; port?: number }) => post("/api/brain/storage/postgres/docker", body, {}),
215
216
  migratePostgres: (body: { dsn: string; schema_name?: string; dry_run?: boolean }) => post("/api/brain/storage/migrate-postgres", body, {}),
216
217
  graphProvenance: (limit = 50) => get("/api/knowledge-graph/provenance", { items: [] }, { limit }),
@@ -218,6 +219,11 @@ export const latticeApi = {
218
219
  graphExport: () => post("/api/knowledge-graph/export", {}, {}),
219
220
  graphBackup: () => post("/api/knowledge-graph/backup", {}, {}),
220
221
  graphImport: (artifact: unknown, dry_run = true) => post("/api/knowledge-graph/import", { artifact, mode: "merge", dry_run }, {}),
222
+ brainArchive: (body: { path?: string | null; passphrase: string }) => post("/api/knowledge-graph/archive", body, {}),
223
+ brainArchiveInspect: (body: { path: string; passphrase?: string | null }) => post("/api/knowledge-graph/archive/inspect", body, {}),
224
+ brainArchiveVerify: (body: { path: string; passphrase: string }) => post("/api/knowledge-graph/archive/verify", body, {}),
225
+ brainArchiveRestore: (body: { path: string; passphrase: string; dry_run?: boolean; confirm?: boolean }) => post("/api/knowledge-graph/archive/restore", body, {}),
226
+ brainArchiveImport: (body: { path: string; passphrase: string; dry_run?: boolean; confirm?: boolean }) => post("/api/knowledge-graph/archive/import", body, {}),
221
227
  hybridSearch: async (query: string, weights?: unknown) => {
222
228
  const res = await post<Record<string, unknown>>("/api/search/hybrid", { query, ...(weights ? { weights } : {}) }, { matches: [] });
223
229
  const data = res.data as Record<string, unknown>;
@@ -314,6 +320,7 @@ export const latticeApi = {
314
320
  adminAudit: () => get("/admin/audit", { recent_events: [] }),
315
321
  adminRoles: () => get("/admin/roles", { roles: [] }),
316
322
  adminPolicies: () => get("/admin/policies", { policies: [] }),
323
+ adminProductHardening: () => get("/admin/product-hardening", {}),
317
324
  adminSecurity: () => get("/admin/security/overview", {}),
318
325
  vpcStatus: () => get("/vpc/status", {}),
319
326
  toolPermissions: () => get("/tools/permissions", { permissions: [] }),
package/frontend/src/api/openapi.ts CHANGED
@@ -207,6 +207,23 @@ export interface paths {
207
207
  patch?: never;
208
208
  trace?: never;
209
209
  };
210
+ "/admin/product-hardening": {
211
+ parameters: {
212
+ query?: never;
213
+ header?: never;
214
+ path?: never;
215
+ cookie?: never;
216
+ };
217
+ /** Admin Product Hardening */
218
+ get: operations["admin_product_hardening_admin_product_hardening_get"];
219
+ put?: never;
220
+ post?: never;
221
+ delete?: never;
222
+ options?: never;
223
+ head?: never;
224
+ patch?: never;
225
+ trace?: never;
226
+ };
210
227
  "/admin/roles": {
211
228
  parameters: {
212
229
  query?: never;
@@ -1280,6 +1297,40 @@ export interface paths {
1280
1297
  patch?: never;
1281
1298
  trace?: never;
1282
1299
  };
1300
+ "/api/knowledge-graph/archive/import": {
1301
+ parameters: {
1302
+ query?: never;
1303
+ header?: never;
1304
+ path?: never;
1305
+ cookie?: never;
1306
+ };
1307
+ get?: never;
1308
+ put?: never;
1309
+ /** Import Encrypted Archive */
1310
+ post: operations["import_encrypted_archive_api_knowledge_graph_archive_import_post"];
1311
+ delete?: never;
1312
+ options?: never;
1313
+ head?: never;
1314
+ patch?: never;
1315
+ trace?: never;
1316
+ };
1317
+ "/api/knowledge-graph/archive/inspect": {
1318
+ parameters: {
1319
+ query?: never;
1320
+ header?: never;
1321
+ path?: never;
1322
+ cookie?: never;
1323
+ };
1324
+ get?: never;
1325
+ put?: never;
1326
+ /** Inspect Encrypted Archive */
1327
+ post: operations["inspect_encrypted_archive_api_knowledge_graph_archive_inspect_post"];
1328
+ delete?: never;
1329
+ options?: never;
1330
+ head?: never;
1331
+ patch?: never;
1332
+ trace?: never;
1333
+ };
1283
1334
  "/api/knowledge-graph/archive/restore": {
1284
1335
  parameters: {
1285
1336
  query?: never;
@@ -1297,6 +1348,23 @@ export interface paths {
1297
1348
  patch?: never;
1298
1349
  trace?: never;
1299
1350
  };
1351
+ "/api/knowledge-graph/archive/verify": {
1352
+ parameters: {
1353
+ query?: never;
1354
+ header?: never;
1355
+ path?: never;
1356
+ cookie?: never;
1357
+ };
1358
+ get?: never;
1359
+ put?: never;
1360
+ /** Verify Encrypted Archive */
1361
+ post: operations["verify_encrypted_archive_api_knowledge_graph_archive_verify_post"];
1362
+ delete?: never;
1363
+ options?: never;
1364
+ head?: never;
1365
+ patch?: never;
1366
+ trace?: never;
1367
+ };
1300
1368
  "/api/knowledge-graph/backup": {
1301
1369
  parameters: {
1302
1370
  query?: never;
@@ -1314,6 +1382,23 @@ export interface paths {
1314
1382
  patch?: never;
1315
1383
  trace?: never;
1316
1384
  };
1385
+ "/api/knowledge-graph/backup-health": {
1386
+ parameters: {
1387
+ query?: never;
1388
+ header?: never;
1389
+ path?: never;
1390
+ cookie?: never;
1391
+ };
1392
+ /** Backup Health */
1393
+ get: operations["backup_health_api_knowledge_graph_backup_health_get"];
1394
+ put?: never;
1395
+ post?: never;
1396
+ delete?: never;
1397
+ options?: never;
1398
+ head?: never;
1399
+ patch?: never;
1400
+ trace?: never;
1401
+ };
1317
1402
  "/api/knowledge-graph/export": {
1318
1403
  parameters: {
1319
1404
  query?: never;
@@ -5822,8 +5907,32 @@ export interface components {
5822
5907
  /** Path */
5823
5908
  path?: string | null;
5824
5909
  };
5910
+ /** EncryptedInspectRequest */
5911
+ EncryptedInspectRequest: {
5912
+ /** Passphrase */
5913
+ passphrase?: string | null;
5914
+ /** Path */
5915
+ path: string;
5916
+ };
5825
5917
  /** EncryptedRestoreRequest */
5826
5918
  EncryptedRestoreRequest: {
5919
+ /**
5920
+ * Confirm
5921
+ * @default false
5922
+ */
5923
+ confirm: boolean;
5924
+ /**
5925
+ * Dry Run
5926
+ * @default false
5927
+ */
5928
+ dry_run: boolean;
5929
+ /** Passphrase */
5930
+ passphrase: string;
5931
+ /** Path */
5932
+ path: string;
5933
+ };
5934
+ /** EncryptedVerifyRequest */
5935
+ EncryptedVerifyRequest: {
5827
5936
  /** Passphrase */
5828
5937
  passphrase: string;
5829
5938
  /** Path */
@@ -6389,6 +6498,16 @@ export interface components {
6389
6498
  };
6390
6499
  /** RestoreRequest */
6391
6500
  RestoreRequest: {
6501
+ /**
6502
+ * Confirm
6503
+ * @default false
6504
+ */
6505
+ confirm: boolean;
6506
+ /**
6507
+ * Dry Run
6508
+ * @default false
6509
+ */
6510
+ dry_run: boolean;
6392
6511
  /** Path */
6393
6512
  path: string;
6394
6513
  /**
@@ -7458,6 +7577,26 @@ export interface operations {
7458
7577
  };
7459
7578
  };
7460
7579
  };
7580
+ admin_product_hardening_admin_product_hardening_get: {
7581
+ parameters: {
7582
+ query?: never;
7583
+ header?: never;
7584
+ path?: never;
7585
+ cookie?: never;
7586
+ };
7587
+ requestBody?: never;
7588
+ responses: {
7589
+ /** @description Successful Response */
7590
+ 200: {
7591
+ headers: {
7592
+ [name: string]: unknown;
7593
+ };
7594
+ content: {
7595
+ "application/json": unknown;
7596
+ };
7597
+ };
7598
+ };
7599
+ };
7461
7600
  admin_roles_admin_roles_get: {
7462
7601
  parameters: {
7463
7602
  query?: never;
@@ -9503,6 +9642,72 @@ export interface operations {
9503
9642
  };
9504
9643
  };
9505
9644
  };
9645
+ import_encrypted_archive_api_knowledge_graph_archive_import_post: {
9646
+ parameters: {
9647
+ query?: never;
9648
+ header?: never;
9649
+ path?: never;
9650
+ cookie?: never;
9651
+ };
9652
+ requestBody: {
9653
+ content: {
9654
+ "application/json": components["schemas"]["EncryptedRestoreRequest"];
9655
+ };
9656
+ };
9657
+ responses: {
9658
+ /** @description Successful Response */
9659
+ 200: {
9660
+ headers: {
9661
+ [name: string]: unknown;
9662
+ };
9663
+ content: {
9664
+ "application/json": unknown;
9665
+ };
9666
+ };
9667
+ /** @description Validation Error */
9668
+ 422: {
9669
+ headers: {
9670
+ [name: string]: unknown;
9671
+ };
9672
+ content: {
9673
+ "application/json": components["schemas"]["HTTPValidationError"];
9674
+ };
9675
+ };
9676
+ };
9677
+ };
9678
+ inspect_encrypted_archive_api_knowledge_graph_archive_inspect_post: {
9679
+ parameters: {
9680
+ query?: never;
9681
+ header?: never;
9682
+ path?: never;
9683
+ cookie?: never;
9684
+ };
9685
+ requestBody: {
9686
+ content: {
9687
+ "application/json": components["schemas"]["EncryptedInspectRequest"];
9688
+ };
9689
+ };
9690
+ responses: {
9691
+ /** @description Successful Response */
9692
+ 200: {
9693
+ headers: {
9694
+ [name: string]: unknown;
9695
+ };
9696
+ content: {
9697
+ "application/json": unknown;
9698
+ };
9699
+ };
9700
+ /** @description Validation Error */
9701
+ 422: {
9702
+ headers: {
9703
+ [name: string]: unknown;
9704
+ };
9705
+ content: {
9706
+ "application/json": components["schemas"]["HTTPValidationError"];
9707
+ };
9708
+ };
9709
+ };
9710
+ };
9506
9711
  restore_encrypted_archive_api_knowledge_graph_archive_restore_post: {
9507
9712
  parameters: {
9508
9713
  query?: never;
@@ -9536,6 +9741,39 @@ export interface operations {
9536
9741
  };
9537
9742
  };
9538
9743
  };
9744
+ verify_encrypted_archive_api_knowledge_graph_archive_verify_post: {
9745
+ parameters: {
9746
+ query?: never;
9747
+ header?: never;
9748
+ path?: never;
9749
+ cookie?: never;
9750
+ };
9751
+ requestBody: {
9752
+ content: {
9753
+ "application/json": components["schemas"]["EncryptedVerifyRequest"];
9754
+ };
9755
+ };
9756
+ responses: {
9757
+ /** @description Successful Response */
9758
+ 200: {
9759
+ headers: {
9760
+ [name: string]: unknown;
9761
+ };
9762
+ content: {
9763
+ "application/json": unknown;
9764
+ };
9765
+ };
9766
+ /** @description Validation Error */
9767
+ 422: {
9768
+ headers: {
9769
+ [name: string]: unknown;
9770
+ };
9771
+ content: {
9772
+ "application/json": components["schemas"]["HTTPValidationError"];
9773
+ };
9774
+ };
9775
+ };
9776
+ };
9539
9777
  backup_graph_api_knowledge_graph_backup_post: {
9540
9778
  parameters: {
9541
9779
  query?: never;
@@ -9569,6 +9807,26 @@ export interface operations {
9569
9807
  };
9570
9808
  };
9571
9809
  };
9810
+ backup_health_api_knowledge_graph_backup_health_get: {
9811
+ parameters: {
9812
+ query?: never;
9813
+ header?: never;
9814
+ path?: never;
9815
+ cookie?: never;
9816
+ };
9817
+ requestBody?: never;
9818
+ responses: {
9819
+ /** @description Successful Response */
9820
+ 200: {
9821
+ headers: {
9822
+ [name: string]: unknown;
9823
+ };
9824
+ content: {
9825
+ "application/json": unknown;
9826
+ };
9827
+ };
9828
+ };
9829
+ };
9572
9830
  export_graph_api_knowledge_graph_export_post: {
9573
9831
  parameters: {
9574
9832
  query?: never;